Automate Security with AWS Security Hub
Use Cases and Deployment Scope
For our product security and data privacy is very critical. We needed to have a check on all aspects of vulnerability in system. Our in-house team was not that much expert to check for all the critical security aspects of the product. We wanted something managed and takes care of our security. For us AWS Security Hub has been very helpful solution to take care of our secuity issues.
Pros
- Compliance Checks - We required a PCIDSS compliant cloud server and AWS had it already ready to use which reduced our go to market time.
- It also gave us good recommendations about if we have configured our security groups incorrectly then it allowed us to fix this.
- Multi-region security hub on one dashboard
Cons
- Detailed reporting can be improved to help fixing issues and better root cause analysis.
- Account setting up for new users in security groups is little complicated could have been a simple onboarding process.
- The ready to use compliant friendly resources are there but they don't allow much customisation.
Likelihood to Recommend
Where you have a need for automated compliance checks for you deployed server its very helpful and reliable. But you want a customisation's and that also very much for your compliant friendly test, these automations can be very tricky and require a lot of documentation reading to understand things. Also AWS Security Hub doesn't much give good support with third party integrations its more of AWS focused.
